Primary

Context

WebERP SQL Injection Vulnerability in StockCounts.php

Vulnerability

A SQL injection vulnerability has been identified in WebERP version 4.15.2. This vulnerability allows attackers to execute arbitrary SQL commands and extract sensitive data. The issue arises in the StockCounts.php file, where a crafted payload can be injected into the DEL form field via a POST request.

Impact

Exploitation of this vulnerability allows for error-based SQL injection, where an attacker can manipulate SQL queries and potentially access or modify database information.

Reproduction

To reproduce this vulnerability, authenticate as an Accountant user and navigate to the StockCounts.php page. Intercept the request to delete a stock count entry and inject a SQL payload into the DEL parameter. Once the request is sent, the injected SQL command will be executed, and the response can be used to extract database information, such as table names.

Remediation

Users can update to the patched version of WebERP, which is available on the project's GitHub releases page.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

2.5

exploitability

6.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

2.5

exploitability

6.6

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WebERP SQL Injection Vulnerability in StockCounts.php

Vulnerability

Impact

Reproduction

Remediation

Affected Products

webERP

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating